Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall: How to Configure QoS and understanding the conceptual difference between the shared and individual

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


Overview

The purpose of the Recommended Read is to instruct on how to configure QOS to limit user bandwidth.

Topology

Configuration 1: Rule Base

Step1: Trafic-Shaping Policy

 To limit the bandwidth to 10 Mbps, go to CONFIGURE > System services > Traffic Shaping.
             


Step2: Firewall rule
Go to PROTECT > Rules and policies> Add.



Step3:Testing of Results

Go to web browser and test on any speed test site (e.g. https://www.speedtest.net/)

Configuration 2: User Base

Step1: Creating User Base

Here, we’re using clientless users. Go to CONFIGURE > Authentication > Clientless users.


Step2: Traffic Shaping Policy

Under Traffic> Policy association, Click the Users Radio button.


Step3: Enabling User's Policy

Under the Firewall rules > Other security features. Select the policy created.




Step4: Results

Conceptual Difference between the Shared and Individual

Example for Individual concept:

#
4 users
One firewall rule
1QOS 1mbps individual
each will get 256

#
Same for two firewall rules
Two users each rule
1QOS 1mbps individual
Each will get 512

#
Now four rules for four users
One user for each firewall rule.
Each will get 1MBPS

Example for Shared concept:

4 users
One firewall rule
1QOS 1mbps Shared

#
Same for two firewall rules
Two users each rule, a total of 4 users
1QOS 1mbps shared
Each will get 256

Now four rules for four users
One user of each firewall rule.
Each will get 256

Individual - multiplying factor.
Shared - Within that QOS range.

Note - To illustrate the conceptual difference between the two options, we used 1 Mbps as an example.
To convert Mbps to KB/s, there is a link - https://www.gbmb.org/mbps-to-kbs

I hope this Recommended Read has helped you achieve your requirements and clarified your doubts.




Added TAGs
[edited by: Raphael Alganes at 6:39 AM (GMT -7) on 17 Sep 2024]
Parents Reply Children
  • Hello, so my explanation is correct, based on the rule for two users to share QoS.
    What is the difference and individual when creating a QoS rule, what is the objective of prioritizing a QoS; Can you help me create a specific rule for VPN in order to give you better quality of services.
    I can create quality of service to the user through specific applications; example high priority zoom themes, youtube, mail or game applications.
    Thanks for your help.